👀 Дизайнеры, какая команда подходит вам по вайбам? Проверяйте на Вайб-чеке→ vibe.habr.com

Red Team Lead

Зарплата

от 6000 до 8500 €

Требования

Пентестер, Ведущий (Lead)PythonAWS

Местоположение и тип занятости

Полный рабочий деньМожно удаленно

Компания

Международная финтех-компания

Описание вакансии

Условия работы

Your role at Exness:

We are looking for a Red Team Lead to join Exness Information Security Department. You will identify existing and emerging security threats and protect Exness Group of Companies from them, maintaining business continuity and regulatory compliance in respective areas.

You will: 
  • Design, scope, and lead Red Team Group for conducting various security assessments in multiple domains; Physical, Cyber, Social Engineering, Insider Threat.
  • Techniques and tradecraft used during engagements include commercial, open-source, and custom tooling.
  • Collect, categorize, maintain, and analyze data using a range of quantitative techniques
  • Supervise staff, provide feedback and coaching, and grow their technical and consulting skills
  • Automate the creation of Tactics, Techniques, and Procedures, portions of engagements, and other offensive security work to inform and drive our engagements.
  • Work with Incident Response, Product Security, and other security partners to align remediation efforts that best protect the company.
The ideal candidate:
  • At least five years experience in offensive cybersecurity roles, such as malware development, red teaming, penetration testing, purple team exercises in the cloud and on-prem environments
  • Experience with the commonly used attack frameworks (Cobalt Strike, Metasploit, CANVAS, Empire, Core Impact, etc.).
  • Strong scripting abilities using PowerShell, python, ruby, and/or programming with compiled languages (C/C++, Golang, etc.).
  • The ability to think like a defender (control evasion).
  • Experienced in exploiting application layer vulnerabilities and creating and/or customizing exploits Ability to develop and/or customize exploits in order to penetrate a network.
  • Professional level certification such as OSCP, OSEP, OSWE.
  • CTF/Bugbounty experience
  • Excellent attention to detail oral and written communications skills tailored to audiences ranging from technical subject matter expert partners to senior executive stakeholders.
  • Deep understanding of security aspects of virtualization, containerization, and cloud services (AWS).
  • Broad-spectrum of technical knowledge in the following areas (the list is not exhaustive): Linux family, Docker, Kubernetes, AWS, Azure.
  • Good knowledge of basic technologies and protocols (TLS, HTTP, Web Socket, DNS, OAuth2, OIDC, etc.) and threats to them.
  • Fluent Russian and English language (Upper-Intermediate or higher).
Would be an advantage:
  • Project management experience
  • Experience building infrastructure using DevOps technologies and concepts to support offensive security teams.
  • Digital forensics experience.
  • Team management skills are a plus.

Бонусы

What we offer:
  • A reasonably estimated and attractive package (competitive salary based on your expectations and internal benchmark) with the ability to start working remotely anywhere in the world; 
  • Company Car - the  company will provide Exness-branded cars to those who relocated, parking near the office or a bus tickets;
  • We’ll pay school or kindergarten fees (Annual Registration or Tuition Fees, Regular term fees, Half day service to kindergartens) for your children between 0 years - 18 years, up to three (3) children; 
  • L&D - support your need to replenish your knowledge and acquire new skills to do your job better via Continuous product education, Professional training & Certifications, Soft skill training, Language classes, and our very own Exness library ;
  • Sports Benefits - Our very own Sports Club with dedicated coaches doing group and individual training, on-site and online, sharing healthy recipes and life hacks + Free Sanctum Club Membership for you and your spouse. Jet Skis (if you have a speed boat operator license) ;
  • Medical - Besides having a Corporate Doctor, we cooperate with one of the biggest international insurance companies to provide medical insurance for you and your families. Coverage is provided for you, your spouse, and your children up to 18 years old. It includes Inpatient, Outpatient, and international support. 

Дополнительные инструкции

Just apply today and the recruiter will arrange a video call 👌